Serial iPhone and Mac hacker Charlie Miller takes job at Twitter

The hire signals the microblogging site's growing commitment to security.

Charlie Miller, the security researcher who has repeatedly developed exploits that take complete control of Macs, iPhones, and iPads, will be joining Twitter next week, the latest sign that the microblogging site is getting serious about security.

"Monday I start on the security team at Twitter," the St. Louis, Missouri-based Miller wrote on Twitter. "Looking forward to working with a great team there!" Moxie Marlinspike, the pseudonymous cryptographer who has identified numerous security bugs in the SSL protocol used to secure website transactions, will be Miller's boss, Miller said in an e-mail to Ars.

Members of Twitter's press team didn't respond to an e-mail seeking comment for this article.

Miller, who cut his reverse-engineering teeth working for the National Security Agency, has been a prolific supplier of OS X and iOS exploits at events such as the Black Hat Security conference and the Pwn2Own hacker competition. He was the first known person to develop a working exploit that remotely took control of the iPhone. Less than a month after the Apple phone was released in 2007, he published a proof-of-concept webpage that secretly siphons SMS text messages, contact information, call history, and voicemail. Over the past five years, he has developed dozens of other exploits that target iOS and OS X. He has said he focused on Apple products because those are the devices he used most and he wanted them to be more secure.

In the past year, Twitter has shown a growing commitment to securing its millions of users, some of whom are dissidents of repressive governments. In November, it acquired smartphone encryption provider Whisper Systems, bringing Marlinspike and Stuart Anderson onboard. Twitter was one of the first social networking sites to offer always-on SSL, making it possible for end-users to have start-to-finish sessions on the site. The constant protection goes a long way to defeating attacks that are trivial to carry out in Internet cafes and other locations where networks aren't secure.

Given Miller's enthusiastic embrace of Twitter, it wouldn't be surprising for him to turn his considerable hacking acumen to identifying critical bugs in its platform so they can be fixed before they are exploited by someone with malicious intent. Miller's announcement touched off all kinds of speculation about what it means for the future of Twitter. "Clearly @0xcharlie went to Twitter to lock down the upcoming TwitterPhone." Wired reporter Robert McMillan tweeted.